In the modern "electronic" age, day-to-day commercial, official, and personal transactions are increasingly being conducted by means of data exchanged over public telecommunication channels. Sensitive data is often stored in insecure storage. The data exchanged over public telecommunication channels or stored in insecure storage is susceptible to unauthorized access by others, and confidentiality and privacy cannot be guaranteed.
Data encryption is one solution in preventing unauthorized access of data when in storage or transported over public telecommunication channels. Encryption is a form of computation that transforms a plaintext into an unintelligible ciphertext. Decryption is the inverse computation of encryption that recovers the plaintext from the unintelligible ciphertext.
In practice, data is first encrypted from plaintext into ciphertext by an encrypter before being transported over a public channel or committed to storage. Upon reception or retrieval of the data, a decrypter must decrypt the ciphertext back to plaintext to obtain the original data.
In a secret-key cryptographical scheme, a secret key is used to pass information about how the encrypter performed the encryption to an authorized decrypter so that the latter can construct an inverse to effectively perform the decryption. On the other hand, other unauthorized decrypters without the key will find it difficult if not impossible to decrypt the ciphertext.
Conventionally, in a secret-key cryptographic system, there is an established computational sequence of steps or algorithm for encryption and decryption. A secret-key cryptographic system is usually designed with the assumption that the algorithm is publicly known. The only thing that needs to be kept secret is the secret key which is shared only between the sender and an authorized receiver.
Typically the key provides a user-selected value which is taken together with the plaintext as inputs to the algorithm to effect encryption and decryption. Usually, the algorithm modifies the plaintext by adding the key value to it by some modulo arithmetic.
In practice, the secret key is privately communicated from the sender to the authorized receiver through a secure channel. In this way, the authorized receiver can efficiently decrypt the ciphertext using the publicly known algorithm in conjunction with the aid of the secret key. On the other hand, others, not privy to the secret key and short of any other cipher-attack scheme, will have to try out the possible keys in the key space one-by-one to see if one will yield an intelligible decryption. When the key space is extremely large, the encryption system is said to have high encryption intensity and the decryption of it is said to be computationally infeasible.
A computational task is computationally infeasible if it cannot practically be accomplished in a reasonable amount of time by means of reasonable resources. For example, one hundred years on the fastest available computer may be considered unreasonable. Similar, using a specially constructed computer that costs one hundred trillion dollars may be considered unreasonable.
One example of a secret-key system is a "one-time pad" or Vernam scheme, the plaintext is first coded into a binary bit string and is transformed to ciphertext by being added modulo 2 to a secret key. The secret key is a string of random bits as long as the plaintext, and is only used one time. This scheme can be proved to have perfect secrecy, but also has the undesirable requirement of one bit of secret key for each bit of plaintext. The need for the key bits to be as long as the message and that they cannot be reused make the scheme impractical in the context of modern age data transactions.
Attempts have been made by others to generate the large amount of random key bits by a pseudo-random generator. The pseudo-random generator is typically realized by a feedback shift register. The pseudo-random sequence generated is completely determined by the value initially in the shift register. The initial value can be used as a key, thereby allowing a small number of key bits to generate a long sequence of "random" bits. However, one-time pad cryptographic systems employing pseudo-random generators are susceptible to "known-plaintext" attacks, i.e., when a portion of the ciphertext and its corresponding plaintext are known.
Other schemes have been considered to provide a secret-key cryptographic system employing shorter key strings. Notable among these schemes is the "Data Encryption Standard," (DES), promulgated by the United States National Bureau of Standards, Federal Information Processing Standard (FIPS) Publication No. 46, January 1977. Since then, DES has been established as a standard public encryption scheme. According to DES, the encryption and decryption are performed block-by-block, each block being 64 bits long. The algorithm essentially consists of sixteen iterations of a series of predefined permutations, key addition, and predefined substitutions operations among sub-blocks within each 64-bit block. The 56-bit key is cycled through a shift register to generate sixteen values for the iterations.
While DES has been officially adopted as a standard in the last decade, it is generally felt that the time has come for it to be replaced by a new, improved standard. One reason is that the 56-bit key may be too short. It produces a key space of approximately 10.sup.17 possible keys. In view of modern high-speed and multi-processor computers, an exhaustive research of the key space (i.e., trying out every possible key to see if it will yield an intelligible decryption) of this size is becoming computationally feasible. Another disadvantage is that the underlying design principle, such as the choice of the various permutation and substitution transformations and the number of iterations required, is not clearly enunciated. There have been controversies about the possibility of a trapdoor being built into the system. Thus, it cannot be a truly public encryption system if a user cannot easily and accurately evaluate the actual security of the system. Also, the user has no systematic way to modify the algorithm or transformations to make the system more secure or to increase the encryption intensity. In any case, it appears that the encryption intensity cannot be increased without incurring an exponential increase in computing overheads. This is because DES, similar to other short-key schemes, relies on the principle of computationally intense algorithms to achieve encryption. The same short key is used many times but under different conditions to encrypt a much longer plaintext.
Another scheme is the RSA (Rivest, Shamir, and Adleman) Public-Key system. This relies on the principle of computationally complex algorithms to achieve encryption. The scheme has a user pick two very large prime numbers, preferable a few hundred digits each, to generate a pair of dissimilar encryption and decryption keys. Encryption is performed as exponentiation under a modulo arithmetic control by the encryption key. The encryption key can be made public for anyone to encrypt messages intended for the user, but is useless in deriving the decryption key. Thus, the encrypted messages can only be read by the user in possession of the decryption key. The undesirable feature is that the security of the system is based on the use of very large prime numbers that are not easy to obtain. Also, the system can be easily defeated if a quick way to factorize the product of two large prime number is discovered.
Thus, there is still a need for an improved data encryption system.